Remote Code Execution Vulnerability in Intel McAfee ePolicy Orchestrator
CVE-2015-8765

8.3HIGH

Key Information:

Vendor

Mcafee
Status
Epolicy Orchestrator
Vendor
CVE Published:
8 January 2016

What is CVE-2015-8765?

The vulnerability in Intel McAfee ePolicy Orchestrator allows attackers to exploit weaknesses in the handling of crafted serialized Java objects. This flaw is associated with the Apache Commons Collections library, potentially enabling attackers to execute arbitrary code remotely. Versions 4.6.9 and earlier, as well as specific updates in the 5.0.x, 5.1.x, and 5.3.x series, are impacted. Organizations using these affected versions should apply the necessary updates and mitigations to protect their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...
x_refsource_CONFIRM
https://www.kb.cert.org/vuls/id/576313
third-party-advisoryx_refsource_CERT-VN

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.